VYPR
Critical severity9.8NVD Advisory· Published Feb 9, 2017· Updated Jun 17, 2026

CVE-2016-10192

CVE-2016-10192

Description

Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17
  • FFmpeg/Ffmpeg15 versions
    cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*range: <=2.8.9
    • cpe:2.3:a:ffmpeg:ffmpeg:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ffmpeg:ffmpeg:3.2.1:*:*:*:*:*:*:*
    • (no CPE)range: <2.8.10, <3.0.5, <3.1.6, <3.2.2
  • osv-coords2 versions
    < 2.8.11-12.1+ 1 more
    • (no CPE)range: < 2.8.11-12.1
    • (no CPE)range: < 3.1.8-8.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.